Docker Compose is the recommended deployment method for servers. It keeps the container configuration declarative, makes upgrades and rollbacks a single command, and handles the volume mount and restart policy automatically. The repository ships two Compose files:Documentation Index
Fetch the complete documentation index at: https://mintlify.com/proteo5/waf-autoblock/llms.txt
Use this file to discover all available pages before exploring further.
docker-compose.yml for building from source and docker-compose.hub.yml for pulling the published Docker Hub image.
Compose Files
The repository provides two Compose files serving different purposes:docker-compose.yml
Builds the image locally from the repository source using the
Dockerfile. The default image tag is local. Use this file during development when you need to test uncommitted changes.docker-compose.hub.yml
Pulls the image from Docker Hub (
proteo5/waf-autoblock). Defaults to the latest tag but respects the DOCKER_TAG environment variable to pin a specific version. Use this file for all server deployments.waf-autoblock.env by default and mount ./data into the container at /app/data for SQLite persistence.
Server Install with Compose
Create the server folder and data directory
Set up the working directory that will hold the Compose file, env file, and persistent data:
Copy the Compose file to the server
Place
docker-compose.hub.yml in the working directory. This is the only Compose file needed for server deployments:Create the environment file
Copy Open
.env.example from the repository and fill in your Cloudflare credentials, rule IDs, and any tuning values:waf-autoblock.env and set your real values for Cloudflare__ApiToken, Cloudflare__ZoneTag, Cloudflare__AccountId, Cloudflare__BlocklistId, and at least one Rules__0__RuleId.Pull the image and start the service
Pin the versioned tag, pull the image, and bring the service up in detached mode:
Local Development Build
For local development, run from the repository root. Compose will build the image from source before starting the container:http://localhost:8080. The ./data directory is mounted automatically so the SQLite database persists between runs. Stop the service with Ctrl+C; the data directory remains intact.
Pinning a Tag
TheDOCKER_TAG environment variable controls which image version Compose pulls and runs. Set it before calling docker compose to pin a specific release:
latest tag instead, unset the variable before running Compose:
The recommended promotion flow is to validate a versioned tag first, then unset
DOCKER_TAG and promote to latest only after that validation passes.Custom Env Filename
By default, both Compose files load environment variables fromwaf-autoblock.env in the working directory. If you need to use a different filename — for example when managing multiple environments on the same server — set RUNTIME_ENV_FILE before running Compose:
RUNTIME_ENV_FILE variable maps directly to the env_file.path field in the Compose definition, so any valid path accepted by Docker Compose is supported.
Dollar Sign Escaping
This matters forCloudflare__BlocklistId when you reference the list by its symbolic name. The .env.example file already has the correct escaped form:
$$ — a single $ would be interpreted as a Compose variable substitution and the value passed to the container would be empty.